chore(deps, cpp): update ms-vscode.cmake-tools, sonarsource.sonarlint-vscode in devcontainer.json

[philips-software-forest-releaser]

Note

Before merging this PR, please conduct a manual test checking basic functionality of the updated plug-ins. There are limited automated tests for the VS Code Extension updates.

Updates sonarsource.sonarlint-vscode from 4.42.0 to 4.43.0

Release notes

• Update C# analyzer 10.18 -> 10.19
• Update Python analyzer 5.16 -> 5.17
• Update Go analyzer 1.32 -> 1.33
• Update IaC analyzer 2.5 -> 2.6.1
• Update CFamily analyzer 6.77 -> 6.78
• Introduce Remediation Center - an experimental feature available inside SonarQube for IDE Labs. It streamlines your remediation workflow by bringing SonarQube (Server, Cloud) actions directly within a new IDE panel

Updates ms-vscode.cmake-tools from 1.22.27 to 1.22.28

Release notes

Improvements:

• Updated extension dependencies (ms-vscode.cpp-devtools)

Bug Fixes:

Fix infinite presets reloading loop when preset files are symlinks or include symlinked files. https://www.github.com/microsoft/vscode-cmake-tools/issues/4668
Reapplying "Refactor and improve colorization language services support" https://www.github.com/microsoft/vscode-cmake-tools/pull/4697

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1160

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	175.16 MB	175.16 MB	+2.04 kB (+0%)	🔼
linux/arm64	167.62 MB	167.63 MB	+1.18 kB (+0%)	🔼

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	21		0	0	0.57s
✅ DOCKERFILE	hadolint	3		0	0	0.71s
✅ GHERKIN	gherkin-lint	6		0	0	2.38s
✅ JSON	npm-package-json-lint	yes		no	no	0.46s
✅ JSON	prettier	21	4	0	0	0.64s
✅ JSON	v8r	21		0	0	7.59s
✅ MARKDOWN	markdownlint	12	0	0	0	1.0s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.26s
✅ REPOSITORY	checkov	yes		no	no	18.07s
✅ REPOSITORY	gitleaks	yes		no	no	0.53s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
⚠️ REPOSITORY	grype	yes		no	20	31.26s
✅ REPOSITORY	secretlint	yes		no	no	1.05s
✅ REPOSITORY	syft	yes		no	no	2.02s
✅ REPOSITORY	trivy	yes		no	no	5.75s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.24s
✅ REPOSITORY	trufflehog	yes		no	no	2.41s
⚠️ SPELL	lychee	81		1	0	9.88s
✅ YAML	prettier	29	0	0	0	0.9s
✅ YAML	v8r	29		0	0	8.52s
✅ YAML	yamllint	29		0	0	0.73s

Detailed Issues

⚠️ REPOSITORY / grype - 20 warnings

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/continuous-integration.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/issue-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/issue-creation-tool-versions.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/linting-formatting.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/ossf-scorecard.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/pr-conventional-title.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/pr-image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/pr-report.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/release-build.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/release-please.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/update-dependencies.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/vulnerability-scan.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-acceptance-test.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-build-push.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-dependency-review.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-document-generation.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-integration-test.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-publish-templates.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/wc-sanitize-image-name.yml

warning: 20 warnings emitted

⚠️ SPELL / lychee - 1 error

[IGNORED] docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,GHERKIN_GHERKIN_LINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[github-actions]

Test Results

2 files   -  5  2 suites   - 5   0s ⏱️ - 6m 11s
1 tests  - 32  1 ✅  - 32  0 💤 ±0  0 ❌ ±0 
2 runs   - 67  2 ✅  - 67  0 💤 ±0  0 ❌ ±0 

Results for commit f6b34dc. ± Comparison against base commit bfe1bc2.